Senior/Lead Security Compliance Engineer

We are currently seeking a Senior/Lead Security Compliance Engineer to strengthen our Compliance Assurance Office team. Remote work may be considered.

The successful candidate will join a team responsible for designing, maintaining, and operating the company’s Information Security Management System (ISMS), as well as supporting EPAM projects with the analysis and implementation of client-specific security requirements.

At EPAM Belarus, employees have the flexibility to choose the environment that suits them best. You can work from any location in Belarus, whether it's your home or our offices in Minsk, Grodno, Brest, Gomel, Mogilev or Vitebsk.

Responsibilities

• Manage and/or assist with company and customer security compliance requirements implementation

• Create and maintain security policies and processes with and without support from subject-matter experts

• Facilitate company teams, projects and locations for external security audits independently

• Support production projects and sales teams with customers' questions and audits in the information security area

• Perform Security internal audits independently

• Improve ISMS

Requirements

• Significant knowledge and experience in any of the following framework/standard: ISO 27001, ISO 27701, CMMC, SOX, SOC1 (ISAE 3402), SOC2, NIST 800-53, PCI DSS, TISAX, others

• Experience with implementation or support of Information Security Management System (ISMS) or experience with security standards/regulations

• Experience in creation and maintenance of security policies

• Background in one of the following areas: Security compliance, Information security, IT processes, IT/Security audits, Hardware, Software, Network, IT Administration, User support, Software development processes

• English B1+ or higher

• Good communication skills (readiness to communicate with people in a multinational environment, ability to communicate orally and in writing)

Nice to have

• Experience in development and implementation of a complex security compliance plan/program in the security area (gap analysis -> remediation plans -> detailing tasks, managing task implementation -> internal audit)

• Knowledge or experience with any of the following regulations: CMMC, NIST SP 800-171, NIST SP 800-218, US DoD Regulations

• English B2 or higher

• Certificates in Information security / IT compliance areas

We offer/Benefits

We connect like-minded people:

• Delivering innovative solutions to industry leaders, making a global impact
• Opportunity to work abroad for up to two months per year

We invest in your growth:

• Leadership development, career advising, soft skills and well-being programs
• Unlimited access to LinkedIn Learning and Get Abstract
• Free English classes with certified teachers

We cover it all:

• Comprehensive medical & family care package
• Seven trust days per year (sick leave without a medical certificate)
• Discounts from 800+ partners (sports activities, restaurants, stores and services)